From 217f5d42e17ae5dd55adaab1114cacc7f5a2e280 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Mon, 18 Apr 2022 12:09:50 +0200
Subject: openvpn: T4353: fix Jinja2 linting errors
---
data/templates/openvpn/auth.pw.j2 | 5 +
data/templates/openvpn/auth.pw.tmpl | 5 -
data/templates/openvpn/client.conf.j2 | 31 +++++
data/templates/openvpn/client.conf.tmpl | 31 -----
data/templates/openvpn/server.conf.j2 | 224 ++++++++++++++++++++++++++++++++
data/templates/openvpn/server.conf.tmpl | 224 --------------------------------
src/conf_mode/interfaces-openvpn.py | 8 +-
7 files changed, 264 insertions(+), 264 deletions(-)
create mode 100644 data/templates/openvpn/auth.pw.j2
delete mode 100644 data/templates/openvpn/auth.pw.tmpl
create mode 100644 data/templates/openvpn/client.conf.j2
delete mode 100644 data/templates/openvpn/client.conf.tmpl
create mode 100644 data/templates/openvpn/server.conf.j2
delete mode 100644 data/templates/openvpn/server.conf.tmpl
diff --git a/data/templates/openvpn/auth.pw.j2 b/data/templates/openvpn/auth.pw.j2
new file mode 100644
index 000000000..218121062
--- /dev/null
+++ b/data/templates/openvpn/auth.pw.j2
@@ -0,0 +1,5 @@
+{# Autogenerated by interfaces-openvpn.py #}
+{% if authentication is vyos_defined %}
+{{ authentication.username }}
+{{ authentication.password }}
+{% endif %}
diff --git a/data/templates/openvpn/auth.pw.tmpl b/data/templates/openvpn/auth.pw.tmpl
deleted file mode 100644
index 218121062..000000000
--- a/data/templates/openvpn/auth.pw.tmpl
+++ /dev/null
@@ -1,5 +0,0 @@
-{# Autogenerated by interfaces-openvpn.py #}
-{% if authentication is vyos_defined %}
-{{ authentication.username }}
-{{ authentication.password }}
-{% endif %}
diff --git a/data/templates/openvpn/client.conf.j2 b/data/templates/openvpn/client.conf.j2
new file mode 100644
index 000000000..2e327e4d3
--- /dev/null
+++ b/data/templates/openvpn/client.conf.j2
@@ -0,0 +1,31 @@
+### Autogenerated by interfaces-openvpn.py ###
+
+{% if ip is vyos_defined %}
+ifconfig-push {{ ip[0] }} {{ server_subnet[0] | netmask_from_cidr }}
+{% endif %}
+{% if push_route is vyos_defined %}
+{% for route in push_route %}
+push "route {{ route | address_from_cidr }} {{ route | netmask_from_cidr }}"
+{% endfor %}
+{% endif %}
+{% if subnet is vyos_defined %}
+{% for network in subnet %}
+iroute {{ network | address_from_cidr }} {{ network | netmask_from_cidr }}
+{% endfor %}
+{% endif %}
+{# ipv6_remote is only set when IPv6 server is enabled #}
+{% if ipv6_remote is vyos_defined %}
+# IPv6
+{% if ipv6_ip is vyos_defined %}
+ifconfig-ipv6-push {{ ipv6_ip[0] }} {{ ipv6_remote }}
+{% endif %}
+{% for route6 in ipv6_push_route %}
+push "route-ipv6 {{ route6 }}"
+{% endfor %}
+{% for net6 in ipv6_subnet %}
+iroute-ipv6 {{ net6 }}
+{% endfor %}
+{% endif %}
+{% if disable is vyos_defined %}
+disable
+{% endif %}
diff --git a/data/templates/openvpn/client.conf.tmpl b/data/templates/openvpn/client.conf.tmpl
deleted file mode 100644
index 98c8b0273..000000000
--- a/data/templates/openvpn/client.conf.tmpl
+++ /dev/null
@@ -1,31 +0,0 @@
-### Autogenerated by interfaces-openvpn.py ###
-
-{% if ip %}
-ifconfig-push {{ ip[0] }} {{ server_subnet[0] | netmask_from_cidr }}
-{% endif %}
-{% if push_route is vyos_defined %}
-{% for route in push_route %}
-push "route {{ route | address_from_cidr }} {{ route | netmask_from_cidr }}"
-{% endfor %}
-{% endif %}
-{% if subnet is vyos_defined %}
-{% for network in subnet %}
-iroute {{ network | address_from_cidr }} {{ network | netmask_from_cidr }}
-{% endfor %}
-{% endif %}
-{# ipv6_remote is only set when IPv6 server is enabled #}
-{% if ipv6_remote %}
-# IPv6
-{% if ipv6_ip %}
-ifconfig-ipv6-push {{ ipv6_ip[0] }} {{ ipv6_remote }}
-{% endif %}
-{% for route6 in ipv6_push_route %}
-push "route-ipv6 {{ route6 }}"
-{% endfor %}
-{% for net6 in ipv6_subnet %}
-iroute-ipv6 {{ net6 }}
-{% endfor %}
-{% endif %}
-{% if disable is vyos_defined %}
-disable
-{% endif %}
diff --git a/data/templates/openvpn/server.conf.j2 b/data/templates/openvpn/server.conf.j2
new file mode 100644
index 000000000..6dd4ef88d
--- /dev/null
+++ b/data/templates/openvpn/server.conf.j2
@@ -0,0 +1,224 @@
+### Autogenerated by interfaces-openvpn.py ###
+#
+# See https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
+# for individual keyword definition
+#
+# {{ description if description is vyos_defined }}
+#
+
+verb 3
+dev-type {{ device_type }}
+dev {{ ifname }}
+persist-key
+{% if protocol is vyos_defined('tcp-active') %}
+proto tcp-client
+{% elif protocol is vyos_defined('tcp-passive') %}
+proto tcp-server
+{% else %}
+proto udp
+{% endif %}
+{% if local_host is vyos_defined %}
+local {{ local_host }}
+{% endif %}
+{% if mode is vyos_defined('server') and protocol is vyos_defined('udp') and local_host is not vyos_defined %}
+multihome
+{% endif %}
+{% if local_port is vyos_defined %}
+lport {{ local_port }}
+{% endif %}
+{% if remote_port is vyos_defined %}
+rport {{ remote_port }}
+{% endif %}
+{% if remote_host is vyos_defined %}
+{% for remote in remote_host %}
+remote {{ remote }}
+{% endfor %}
+{% endif %}
+{% if shared_secret_key is vyos_defined %}
+secret /run/openvpn/{{ ifname }}_shared.key
+{% endif %}
+{% if persistent_tunnel is vyos_defined %}
+persist-tun
+{% endif %}
+{% if replace_default_route.local is vyos_defined %}
+push "redirect-gateway local def1"
+{% elif replace_default_route is vyos_defined %}
+push "redirect-gateway def1"
+{% endif %}
+{% if use_lzo_compression is vyos_defined %}
+compress lzo
+{% endif %}
+
+{% if mode is vyos_defined('client') %}
+#
+# OpenVPN Client mode
+#
+client
+nobind
+
+{% elif mode is vyos_defined('server') %}
+#
+# OpenVPN Server mode
+#
+mode server
+tls-server
+{% if server is vyos_defined %}
+{% if server.subnet is vyos_defined %}
+{% if server.topology is vyos_defined('point-to-point') %}
+topology p2p
+{% elif server.topology is vyos_defined %}
+topology {{ server.topology }}
+{% endif %}
+{% for subnet in server.subnet %}
+{% if subnet | is_ipv4 %}
+server {{ subnet | address_from_cidr }} {{ subnet | netmask_from_cidr }} nopool
+{# First ip address is used as gateway. It's allows to use metrics #}
+{% if server.push_route is vyos_defined %}
+{% for route, route_config in server.push_route.items() %}
+{% if route | is_ipv4 %}
+push "route {{ route | address_from_cidr }} {{ route | netmask_from_cidr }} {{ subnet | first_host_address ~ ' ' ~ route_config.metric if route_config.metric is vyos_defined }}"
+{% elif route | is_ipv6 %}
+push "route-ipv6 {{ route }}"
+{% endif %}
+{% endfor %}
+{% endif %}
+{# OpenVPN assigns the first IP address to its local interface so the pool used #}
+{# in net30 topology - where each client receives a /30 must start from the second subnet #}
+{% if server.topology is vyos_defined('net30') %}
+ifconfig-pool {{ subnet | inc_ip('4') }} {{ subnet | last_host_address | dec_ip('1') }} {{ subnet | netmask_from_cidr if device_type == 'tap' else '' }}
+{% else %}
+{# OpenVPN assigns the first IP address to its local interface so the pool must #}
+{# start from the second address and end on the last address #}
+ifconfig-pool {{ subnet | first_host_address | inc_ip('1') }} {{ subnet | last_host_address | dec_ip('1') }} {{ subnet | netmask_from_cidr if device_type == 'tun' else '' }}
+{% endif %}
+{% elif subnet | is_ipv6 %}
+server-ipv6 {{ subnet }}
+{% endif %}
+{% endfor %}
+{% endif %}
+
+{% if server.client_ip_pool is vyos_defined and server.client_ip_pool.disable is not vyos_defined %}
+ifconfig-pool {{ server.client_ip_pool.start }} {{ server.client_ip_pool.stop }}{{ server.client_ip_pool.subnet_mask if server.client_ip_pool.subnet_mask is vyos_defined }}
+{% endif %}
+{% if server.max_connections is vyos_defined %}
+max-clients {{ server.max_connections }}
+{% endif %}
+{% if server.client is vyos_defined %}
+client-config-dir /run/openvpn/ccd/{{ ifname }}
+{% endif %}
+{% endif %}
+keepalive {{ keep_alive.interval }} {{ keep_alive.interval | int * keep_alive.failure_count | int }}
+management /run/openvpn/openvpn-mgmt-intf unix
+{% if server is vyos_defined %}
+{% if server.reject_unconfigured_clients is vyos_defined %}
+ccd-exclusive
+{% endif %}
+
+{% if server.name_server is vyos_defined %}
+{% for nameserver in server.name_server %}
+{% if nameserver | is_ipv4 %}
+push "dhcp-option DNS {{ nameserver }}"
+{% elif nameserver | is_ipv6 %}
+push "dhcp-option DNS6 {{ nameserver }}"
+{% endif %}
+{% endfor %}
+{% endif %}
+{% if server.domain_name is vyos_defined %}
+push "dhcp-option DOMAIN {{ server.domain_name }}"
+{% endif %}
+{% if server.mfa.totp is vyos_defined %}
+{% set totp_config = server.mfa.totp %}
+plugin "{{ plugin_dir }}/openvpn-otp.so" "otp_secrets=/config/auth/openvpn/{{ ifname }}-otp-secrets otp_slop={{ totp_config.slop }} totp_t0={{ totp_config.drift }} totp_step={{ totp_config.step }} totp_digits={{ totp_config.digits }} password_is_cr={{ '1' if totp_config.challenge == 'enable' else '0' }}"
+{% endif %}
+{% endif %}
+{% else %}
+#
+# OpenVPN site-2-site mode
+#
+ping {{ keep_alive.interval }}
+ping-restart {{ keep_alive.failure_count }}
+
+{% if device_type == 'tap' %}
+{% if local_address is vyos_defined %}
+{% for laddr, laddr_conf in local_address.items() if laddr | is_ipv4 %}
+{% if laddr_conf.subnet_mask is vyos_defined %}
+ifconfig {{ laddr }} {{ laddr_conf.subnet_mask }}
+{% endif %}
+{% endfor %}
+{% endif %}
+{% else %}
+{% for laddr in local_address if laddr | is_ipv4 %}
+{% for raddr in remote_address if raddr | is_ipv4 %}
+ifconfig {{ laddr }} {{ raddr }}
+{% endfor %}
+{% endfor %}
+{% for laddr in local_address if laddr | is_ipv6 %}
+{% for raddr in remote_address if raddr | is_ipv6 %}
+ifconfig-ipv6 {{ laddr }} {{ raddr }}
+{% endfor %}
+{% endfor %}
+{% endif %}
+{% endif %}
+
+{% if tls is vyos_defined %}
+# TLS options
+{% if tls.ca_certificate is vyos_defined %}
+ca /run/openvpn/{{ ifname }}_ca.pem
+{% endif %}
+{% if tls.certificate is vyos_defined %}
+cert /run/openvpn/{{ ifname }}_cert.pem
+{% endif %}
+{% if tls.private_key is vyos_defined %}
+key /run/openvpn/{{ ifname }}_cert.key
+{% endif %}
+{% if tls.crypt_key is vyos_defined %}
+tls-crypt /run/openvpn/{{ ifname }}_crypt.key
+{% endif %}
+{% if tls.crl is vyos_defined %}
+crl-verify /run/openvpn/{{ ifname }}_crl.pem
+{% endif %}
+{% if tls.tls_version_min is vyos_defined %}
+tls-version-min {{ tls.tls_version_min }}
+{% endif %}
+{% if tls.dh_params is vyos_defined %}
+dh /run/openvpn/{{ ifname }}_dh.pem
+{% elif mode is vyos_defined('server') and tls.private_key is vyos_defined %}
+dh none
+{% endif %}
+{% if tls.auth_key is vyos_defined %}
+{% if mode == 'client' %}
+tls-auth /run/openvpn/{{ ifname }}_auth.key 1
+{% elif mode == 'server' %}
+tls-auth /run/openvpn/{{ ifname }}_auth.key 0
+{% endif %}
+{% endif %}
+{% if tls.role is vyos_defined('active') %}
+tls-client
+{% elif tls.role is vyos_defined('passive') %}
+tls-server
+{% endif %}
+{% endif %}
+
+# Encryption options
+{% if encryption is vyos_defined %}
+{% if encryption.cipher is vyos_defined %}
+cipher {{ encryption.cipher | openvpn_cipher }}
+{% if encryption.cipher is vyos_defined('bf128') %}
+keysize 128
+{% elif encryption.cipher is vyos_defined('bf256') %}
+keysize 256
+{% endif %}
+{% endif %}
+{% if encryption.ncp_ciphers is vyos_defined %}
+data-ciphers {{ encryption.ncp_ciphers | openvpn_ncp_ciphers }}
+{% endif %}
+{% endif %}
+
+{% if hash is vyos_defined %}
+auth {{ hash }}
+{% endif %}
+
+{% if authentication is vyos_defined %}
+auth-user-pass {{ auth_user_pass_file }}
+auth-retry nointeract
+{% endif %}
diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl
deleted file mode 100644
index f26680fa3..000000000
--- a/data/templates/openvpn/server.conf.tmpl
+++ /dev/null
@@ -1,224 +0,0 @@
-### Autogenerated by interfaces-openvpn.py ###
-#
-# See https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
-# for individual keyword definition
-#
-# {{ description if description is vyos_defined }}
-#
-
-verb 3
-dev-type {{ device_type }}
-dev {{ ifname }}
-persist-key
-{% if protocol == 'tcp-active' %}
-proto tcp-client
-{% elif protocol == 'tcp-passive' %}
-proto tcp-server
-{% else %}
-proto udp
-{% endif %}
-{% if local_host is vyos_defined %}
-local {{ local_host }}
-{% endif %}
-{% if mode is vyos_defined('server') and protocol is vyos_defined('udp') and local_host is not vyos_defined %}
-multihome
-{% endif %}
-{% if local_port is vyos_defined %}
-lport {{ local_port }}
-{% endif %}
-{% if remote_port is vyos_defined %}
-rport {{ remote_port }}
-{% endif %}
-{% if remote_host is vyos_defined %}
-{% for remote in remote_host %}
-remote {{ remote }}
-{% endfor %}
-{% endif %}
-{% if shared_secret_key is vyos_defined %}
-secret /run/openvpn/{{ ifname }}_shared.key
-{% endif %}
-{% if persistent_tunnel is vyos_defined %}
-persist-tun
-{% endif %}
-{% if replace_default_route.local is vyos_defined %}
-push "redirect-gateway local def1"
-{% elif replace_default_route is vyos_defined %}
-push "redirect-gateway def1"
-{% endif %}
-{% if use_lzo_compression is vyos_defined %}
-compress lzo
-{% endif %}
-
-{% if mode == 'client' %}
-#
-# OpenVPN Client mode
-#
-client
-nobind
-
-{% elif mode == 'server' %}
-#
-# OpenVPN Server mode
-#
-mode server
-tls-server
-{% if server is vyos_defined %}
-{% if server.subnet is vyos_defined %}
-{% if server.topology is vyos_defined('point-to-point') %}
-topology p2p
-{% elif server.topology is vyos_defined %}
-topology {{ server.topology }}
-{% endif %}
-{% for subnet in server.subnet %}
-{% if subnet | is_ipv4 %}
-server {{ subnet | address_from_cidr }} {{ subnet | netmask_from_cidr }} nopool
-{# First ip address is used as gateway. It's allows to use metrics #}
-{% if server.push_route is vyos_defined %}
-{% for route, route_config in server.push_route.items() %}
-{% if route | is_ipv4 %}
-push "route {{ route | address_from_cidr }} {{ route | netmask_from_cidr }}{% if route_config.metric is vyos_defined %} {{ subnet | first_host_address }} {{ route_config.metric }}{% endif %}"
-{% elif route | is_ipv6 %}
-push "route-ipv6 {{ route }}"
-{% endif %}
-{% endfor %}
-{% endif %}
-{# OpenVPN assigns the first IP address to its local interface so the pool used #}
-{# in net30 topology - where each client receives a /30 must start from the second subnet #}
-{% if server.topology is vyos_defined('net30') %}
-ifconfig-pool {{ subnet | inc_ip('4') }} {{ subnet | last_host_address | dec_ip('1') }} {{ subnet | netmask_from_cidr if device_type == 'tap' else '' }}
-{% else %}
-{# OpenVPN assigns the first IP address to its local interface so the pool must #}
-{# start from the second address and end on the last address #}
-ifconfig-pool {{ subnet | first_host_address | inc_ip('1') }} {{ subnet | last_host_address | dec_ip('1') }} {{ subnet | netmask_from_cidr if device_type == 'tun' else '' }}
-{% endif %}
-{% elif subnet | is_ipv6 %}
-server-ipv6 {{ subnet }}
-{% endif %}
-{% endfor %}
-{% endif %}
-
-{% if server.client_ip_pool is vyos_defined and server.client_ip_pool.disable is not vyos_defined %}
-ifconfig-pool {{ server.client_ip_pool.start }} {{ server.client_ip_pool.stop }}{{ server.client_ip_pool.subnet_mask if server.client_ip_pool.subnet_mask is vyos_defined }}
-{% endif %}
-{% if server.max_connections is vyos_defined %}
-max-clients {{ server.max_connections }}
-{% endif %}
-{% if server.client is vyos_defined %}
-client-config-dir /run/openvpn/ccd/{{ ifname }}
-{% endif %}
-{% endif %}
-keepalive {{ keep_alive.interval }} {{ keep_alive.interval|int * keep_alive.failure_count|int }}
-management /run/openvpn/openvpn-mgmt-intf unix
-{% if server is vyos_defined %}
-{% if server.reject_unconfigured_clients is vyos_defined %}
-ccd-exclusive
-{% endif %}
-
-{% if server.name_server is vyos_defined %}
-{% for nameserver in server.name_server %}
-{% if nameserver | is_ipv4 %}
-push "dhcp-option DNS {{ nameserver }}"
-{% elif nameserver | is_ipv6 %}
-push "dhcp-option DNS6 {{ nameserver }}"
-{% endif %}
-{% endfor %}
-{% endif %}
-{% if server.domain_name is vyos_defined %}
-push "dhcp-option DOMAIN {{ server.domain_name }}"
-{% endif %}
-{% if server.mfa.totp is vyos_defined %}
-{% set totp_config = server.mfa.totp %}
-plugin "{{ plugin_dir}}/openvpn-otp.so" "otp_secrets=/config/auth/openvpn/{{ ifname }}-otp-secrets {{ 'otp_slop=' ~ totp_config.slop }} {{ 'totp_t0=' ~ totp_config.drift }} {{ 'totp_step=' ~ totp_config.step }} {{ 'totp_digits=' ~ totp_config.digits }} password_is_cr={{ '1' if totp_config.challenge == 'enable' else '0' }}"
-{% endif %}
-{% endif %}
-{% else %}
-#
-# OpenVPN site-2-site mode
-#
-ping {{ keep_alive.interval }}
-ping-restart {{ keep_alive.failure_count }}
-
-{% if device_type == 'tap' %}
-{% if local_address is vyos_defined %}
-{% for laddr, laddr_conf in local_address.items() if laddr | is_ipv4 %}
-{% if laddr_conf.subnet_mask is vyos_defined %}
-ifconfig {{ laddr }} {{ laddr_conf.subnet_mask }}
-{% endif %}
-{% endfor %}
-{% endif %}
-{% else %}
-{% for laddr in local_address if laddr | is_ipv4 %}
-{% for raddr in remote_address if raddr | is_ipv4 %}
-ifconfig {{ laddr }} {{ raddr }}
-{% endfor %}
-{% endfor %}
-{% for laddr in local_address if laddr | is_ipv6 %}
-{% for raddr in remote_address if raddr | is_ipv6 %}
-ifconfig-ipv6 {{ laddr }} {{ raddr }}
-{% endfor %}
-{% endfor %}
-{% endif %}
-{% endif %}
-
-{% if tls is vyos_defined %}
-# TLS options
-{% if tls.ca_certificate is vyos_defined %}
-ca /run/openvpn/{{ ifname }}_ca.pem
-{% endif %}
-{% if tls.certificate is vyos_defined %}
-cert /run/openvpn/{{ ifname }}_cert.pem
-{% endif %}
-{% if tls.private_key is vyos_defined %}
-key /run/openvpn/{{ ifname }}_cert.key
-{% endif %}
-{% if tls.crypt_key is vyos_defined %}
-tls-crypt /run/openvpn/{{ ifname }}_crypt.key
-{% endif %}
-{% if tls.crl is vyos_defined %}
-crl-verify /run/openvpn/{{ ifname }}_crl.pem
-{% endif %}
-{% if tls.tls_version_min is vyos_defined %}
-tls-version-min {{ tls.tls_version_min }}
-{% endif %}
-{% if tls.dh_params is vyos_defined %}
-dh /run/openvpn/{{ ifname }}_dh.pem
-{% elif mode is vyos_defined('server') and tls.private_key is vyos_defined %}
-dh none
-{% endif %}
-{% if tls.auth_key is vyos_defined %}
-{% if mode == 'client' %}
-tls-auth /run/openvpn/{{ ifname }}_auth.key 1
-{% elif mode == 'server' %}
-tls-auth /run/openvpn/{{ ifname }}_auth.key 0
-{% endif %}
-{% endif %}
-{% if tls.role is vyos_defined('active') %}
-tls-client
-{% elif tls.role is vyos_defined('passive') %}
-tls-server
-{% endif %}
-{% endif %}
-
-# Encryption options
-{% if encryption is vyos_defined %}
-{% if encryption.cipher is vyos_defined %}
-cipher {{ encryption.cipher | openvpn_cipher }}
-{% if encryption.cipher is vyos_defined('bf128') %}
-keysize 128
-{% elif encryption.cipher is vyos_defined('bf256') %}
-keysize 256
-{% endif %}
-{% endif %}
-{% if encryption.ncp_ciphers is vyos_defined %}
-data-ciphers {{ encryption.ncp_ciphers | openvpn_ncp_ciphers }}
-{% endif %}
-{% endif %}
-
-{% if hash is vyos_defined %}
-auth {{ hash }}
-{% endif %}
-
-{% if authentication is vyos_defined %}
-auth-user-pass {{ auth_user_pass_file }}
-auth-retry nointeract
-{% endif %}
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py
index 83d1c6d9b..a9be093c2 100755
--- a/src/conf_mode/interfaces-openvpn.py
+++ b/src/conf_mode/interfaces-openvpn.py
@@ -608,7 +608,7 @@ def generate(openvpn):
# Generate User/Password authentication file
if 'authentication' in openvpn:
- render(openvpn['auth_user_pass_file'], 'openvpn/auth.pw.tmpl', openvpn,
+ render(openvpn['auth_user_pass_file'], 'openvpn/auth.pw.j2', openvpn,
user=user, group=group, permission=0o600)
else:
# delete old auth file if present
@@ -624,16 +624,16 @@ def generate(openvpn):
# Our client need's to know its subnet mask ...
client_config['server_subnet'] = dict_search('server.subnet', openvpn)
- render(client_file, 'openvpn/client.conf.tmpl', client_config,
+ render(client_file, 'openvpn/client.conf.j2', client_config,
user=user, group=group)
# we need to support quoting of raw parameters from OpenVPN CLI
# see https://phabricator.vyos.net/T1632
- render(cfg_file.format(**openvpn), 'openvpn/server.conf.tmpl', openvpn,
+ render(cfg_file.format(**openvpn), 'openvpn/server.conf.j2', openvpn,
formater=lambda _: _.replace(""", '"'), user=user, group=group)
# Render 20-override.conf for OpenVPN service
- render(service_file.format(**openvpn), 'openvpn/service-override.conf.tmpl', openvpn,
+ render(service_file.format(**openvpn), 'openvpn/service-override.conf.j2', openvpn,
formater=lambda _: _.replace(""", '"'), user=user, group=group)
# Reload systemd services config to apply an override
call(f'systemctl daemon-reload')
--
cgit v1.2.3